Re: Locking out a user after several failed login attempts

Поиск
Список
Период
Сортировка
От Jean-Yves F. Barbier
Тема Re: Locking out a user after several failed login attempts
Дата
Msg-id 20110629180036.6635c4de@anubis.defcon1
обсуждение исходный текст
Ответ на Re: Locking out a user after several failed login attempts  (Mike Thomsen <mikerthomsen@gmail.com>)
Ответы Re: Locking out a user after several failed login attempts  ("mark" <dvlhntr@gmail.com>)
Список pgsql-novice
Дерево обсуждения 
On Wed, 29 Jun 2011 11:43:00 -0400, Mike Thomsen <mikerthomsen@gmail.com>
wrote:



> Yes, we're logging all connections to the database.

I'm interested into that (you can it send to me as a PM.)

So, you just have to add a counter to your login table:
      +------------------------------------+
      |                                    |
login attempt-----good----reset CTR to 1   |
      |                                    |
     bad                                   |
      |                                    |
   CTR += 1                                |
      |                                    |
   CTR > 3?-------no-----------------------+
      |
     yes
      |
 revoke connect from bastarduser (until manually re-granted by dbA)
 trigger alarm in security dpt
 send 450kV into user's keyboard

--
Q:    What do you call a half-dozen Indians with Asian flu?
A:    Six sick Sikhs (sic).

В списке pgsql-novice по дате отправления:

Предыдущее
От: Merlin Moncure
Дата:
Сообщение: Re: pg_advisory_locks in a multithreaded application context
Следующее
От: Daniel Weitzenfeld
Дата:
Сообщение: Connecting to PostgreSQL server